Hack Notice

Hack Notice: From the frying pan into the fire: Thai business angers hackers

From the frying pan into the fire: Thai business angers hackers

Source
https://www.databreaches.net/angering-hackers-is-probably-not-a-winning-incident-response-strategy/
Description
DataBreaches.net seems to live the only site willing to report on certain breaches in Thailand these days. first it was the jade of Country group Securities (CGSEC) by hackers calling themselves ALTDOS. And now this week, this site reported a second onslaught by the same threat actors that involved MONO Next public Company. as previously reported, when asked for a response to the attack on MONO, the companion sent a statement. That statement seems to make irritated the threat actors who provided DataBreaches.net with a statement responding to it and more data as proof. Based on the new information provided to DataBreaches.net, it appears that MONO, which is one of a number of Jasmine International PLC subsidiaries, was not their initial target. ALTDOS attacked MONO when negotiations with Jasmine following an round on another subsidiary, 3BB, failed to produce payment. 3BB was attacked in November. 3BB is a fixed broadband service provider with millions of customers. ALTDOS claims that they eventually acquired 8 billion records with user information (name, address, date of birth, ID card number, mobile number, email address, username, password, etc.) and other corporate records. As proof of claim, ALTDOS provided DataBreaches.net with screenshots but also files with customer data, including one spreadsheet with 10,000 customer records. ALTDOS began negotiations on December 18, 2020. They claim that when Jasmine would not pay their $500,000 demand after the 3BB breach, they hacked into 12 of MONO’s data servers and stole hundreds of gigabytes of databases. Their hope was to “force their management into a proper negotiation with ALTDOS.” management replied on december 26, asking for more time, they claim. But after that, ALTDOS didn’t hear from the representative again, and so on New Year’s day, ALTDOS breached 3BB’s Wifi Hotspot servers and stole over 2.8 million user records. A file with more than 83,000 records was provided to DataBreaches.net as proof. following the onslaught on the Wifi Hotspot servers, management sent a new spokesperson to scratch or restart negotiations with them. “Their management proposed to pay us 1/3 of the demanded total and engage ALTDOS as their surety consultant over the next 2 years with 2/3 of the balance amount,” an ALTDOS interpreter claims, adding that ALTDOS refused their proposal and negotiated an 8-week installment project for payment. The negotiations began to fail when a few senior executives reportedly refused to agree to the installment defrayal plan. On January 7, ALTDOS leaked some MONO data. It might experience stayed at that leak level, exclude that Mono issued their press discharge and the statement angered the threat actors. They wrote to DataBreaches.net: ALTDOS is seriously insulted by their management statement which appear to undermine our expertise, and so here are the facts: ALTDOS did not rip some of their employee records. We stole all of their employee records. The stolen information contains more than just name and age. The HR databases contain everything related to each employee, including their father, mother, brother, sister, education, previous employment, salary sum and a lot more. as partial proof, they sent DataBreaches.net data from a MONO Human Resources. There were more than 2,900 records with numerous populated fields: There were so many fields in the hr file that it took three screenshots to capture all the fields. ALTDOS indicated that sql databases were beingness converted to .csv format. Redacted by DataBreaches.net. ALTDOS also provided DataBreaches.net with an employee resume file from MONO that had numerous personal and sensitive data fields and almost 20,000 records. DataBreaches.net is merely listing all the fields: But the pressure free trying to downplay the sum of employee data stolen was not ALTDOS’s only protest to the firm’s press outlet (which was quoted in the update to this post). They continued responding to the firm’s claims: ALTDOS did not steal some of their online customer information. We stole more than 8 million of their user’s sensitive information. The stolen corporate financial records are not those publicly available records. ALTDOS stole financial records ranging from bank account details, bank transfer, payment transaction records to their clients’ defrayal history. Eg, ALTDOS knows their exact charges for different advertisers at different time intervals of the day for various 30 seconds time slots on their tv channels from 2014 to 2020. We even know the balance in each of their bank accounts in different banks on different days throughout the 6 years. Their argument says that they have a surety system in place. Well, ALTDOS stole wads of their data for almost 2 months without red flags. There isn’t even a firewall installed to keep simple attacks. There was more to their statement but readers probably already get the kernel of it all. One specific criticism by ALTDOS was a bit surprising: The fact is ALTDOS warned them via email every time before our attacks, mentioning the time or the target of attack, yet ALTDOS manages to transgress in each attacks. There is no more preventative management. Jasmine’s communication person was sent inquiries to trace up on their first press vent and then a back enquiry about ALTDOS’s updated claims, but no reception has been received to either inquiry by time of this publication. Jasmine and CGSEC both appear to have been somewhat successful in Thailand in terms of getting intelligence outlets not to account on their respective attacks, but they relieve may experience to expose it all because notification following a breach is covered by Thailand’s data protection law. Linklaters cites the relevant supply of law this way: note of breach laws If there is a breach of personal data, the controller must notify the office of the committee without postponement and within 72 hours of identifying the breach, unless it poses no risks to the rights and freedom of an individual. If the breach poses a high risk to the rights and freedom of an individual, the controller shall notify such breach to the individual without postponement together with remedial guidelines. A processor must inform the relevant controller if there is a data breach. It is not known to DataBreaches.net whether 3BB […]

About HackNotice and From the frying pan into the fire: Thai business angers hackers

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and From the frying pan into the fire: Thai business angers hackers was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of From the frying pan into the fire: Thai business angers hackers their products, services, websites, or applications and you were a client of HackNotice, monitoring for From the frying pan into the fire: Thai business angers hackers you may have been alerted to this report about From the frying pan into the fire: Thai business angers hackers . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If From the frying pan into the fire: Thai business angers hackers had a transgress of consumer data or a data leak, then there may be additional actions that our clients should take to protect their digital identity. data breaches, hacks, and leaks often trail to and do identity theft, account take overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, password reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct result of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that trail to depress client security and digital identities that have been exposed and should be considered vulnerable to attack. HackNotice works with clients to discover the extent that digital identities have been exposed and provides remediation suggestions for how to handle each type of exposure.

HackNotice monitors the hacker community, which is a network of individuals that share data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account take overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that bruise consumers. HackNotice applies industry specific knowledge and advanced security practices to monitor for trends that point breaches, hacks, and exposed digital identities.

HackNotice also enables clients to part hack notices with their friend, family, and collogues to help increase awareness around alleged hacks, breaches, or data leaks. HackNotice workings to ply clients with sharable reports to help increase the security of our clients personal network. The certificate of the people that our clients interact with directly impacts the rase of certificate of our clients. Increased exposure to accounts that get been taken over by hackers leads to further account accept overs through phishing, malware, and other attach techniques.

If you found this cut notice to be helpful, then you may be interested in reading some additional cut notices such as:

, or the thief is only interested in the hardware stolen, not the data it contains. Nevertheless, whinjuries. a data breach may include incidents such as theft or loss of digital media sufter termination of the trust relationship. In distributed systems, this canful also occur with a prisonbreak

Defacement http://sipp.pn-pelaihari.go.id

https://www.bremskerl.de/

Defacement http://order.lenovo.com.mk/krz.html